Solved

Setting up a Domain controller to sync with an internet time source through Microsoft Proxy server 2004

Posted on 2006-10-26
10
428 Views
Last Modified: 2012-08-13
Hello,

I am in need of assistance with setting up a Domain Controller as a Reliable Time Source, but I'm not sure how to configure a Microsoft Proxy Server (2004) to allow the Domain Controller to get access to a time server with the NTP protocol.  Or, maybe it would be better if I setup the proxy server itself to pull time from the internet, and set one reliable time sourced domain controller to point to it.  I am currently testing TimeTools SNTP Time Client to possibly use as a client, but I was wondering if there are suggestions for another time client to try.  Perhaps one that can be setup as a service so it don't have to be running on the desktop all the time.

Thanks,
Mike
0
Comment
Question by:miket71
  • 5
  • 5
10 Comments
 
LVL 38

Accepted Solution

by:
younghv earned 125 total points
ID: 17813875
Hi mike71,
This should get you started: http://tf.nist.gov/service/its.htm

Post back with any specific questions.


Vic
0
 

Author Comment

by:miket71
ID: 17814130
Can this one run as a service rather than an application?
0
 
LVL 38

Expert Comment

by:younghv
ID: 17814530
Service - w32time runs as a client service.

As a general comment, a 'C' grade is the lowest possible grade you can give to someone who is trying to help.
If you have questions or need more specifics, please ask before deciding on a grade.
0
 

Author Comment

by:miket71
ID: 17814554
Sorry, I don't know how to use this site very well.  I just started yesterday.
0
 

Author Comment

by:miket71
ID: 17814693
I was unable to find the download link for the software at the site provided above.  All I really want to do is setup our ISA 2004 server to allow the NTP protocol to pass though it so that it or a DC server, or ISA server, can update the correct time from outside.  I would like to make it work with a time client program that can run as a service, or use the registry to work with the w32time service.  I'm thinking that I should setup the ISA server to pull time from an external time domain, then set a DC to pull time from ISA, set the DC as a reliable source, then let all other DCs and PCs pull time updates from the reliable source DC.
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 38

Expert Comment

by:younghv
ID: 17814722
Try this link to MS (and let's hope this link is functional).

http://support.microsoft.com/kb/323621
0
 

Author Comment

by:miket71
ID: 17815200
The link was kind of handy.  I tried to translate the steps the best I could.  At this point, the ISA server is my roadblock.  Even though I opened the NTP protocol on it via UDP at port 123, and set it to allow a specific DC to communicate to an outside time source, the DC is still unable to do it.  I know that the ISA server doesn't allow any pinging to go throught it.  It only allows domain names to resolve to IP addresses when I ping a domain name.  I set the server to not go anywhere for time updates for now, and made it become a reliable time source for the clients and other DCs.  I'm not sure how critical it is that the main DC be able to go outside to get time updates.
0
 
LVL 38

Expert Comment

by:younghv
ID: 17815287
Warning you up front - this is a guess.

You might be able to configure your 'HOSTS' file with the IP address and URL of the outside time source.

Your HOSTS (no extension) file should be in your SYSTEM32\DRIVERS\ETC folder.

ADD: 192.168.10.1     companyweb  (enter the actual IP and company URL)
BLOCK: 127.0.0.1       badwebsite ( use the 127.0.0.0 and the actual bad site)
0
 

Author Comment

by:miket71
ID: 17815322
I thought that the hosts file only worked for static resolutions though.  When I ping time.windows.com for example, it resolves to IP, but there is no reply.  I tried adding it to the hosts file anyways just to try it, but I have the same results.
0
 
LVL 38

Expert Comment

by:younghv
ID: 17815357
As long as your DC is the time source, the critical function is being met.
Just keep an eye on the DC.

(I told you it was just a guess.)

:)
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Restore Sony Viao to factory settings 8 103
Disk Error 13 66
PXE question 7 76
Replace Ubuntu Desktop with Ubuntu Server 7 51
Introduction Often we come across situations wherein our batch files would be needing to reboot Windows for a variety of reasons. A few of them would be like: (1) Setup files have been updated whose changes can take effect only after a reboot …
Sometimes a user will call me frantically, explaining that something has gone wrong and they have tried everything (read - they have messed it up more and now need someone to clean up) and it still does no good, can I help them?!  Usually the standa…
This video discusses moving either the default database or any database to a new volume.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now